quote the criteria string in ActiveRecord.

author: wei <> 2007-01-03 11:31:18 +0000
committer: wei <> 2007-01-03 11:31:18 +0000
commit: 7ea61ba9701a04bc593d7c5960c5135ce39805a8 (patch)
tree: 55cc29fdd679440bfb7a86d12aecca684dc6dbb0
parent: 46484d91f49721a10b76e2c25071ad594f0b32d4 (diff)
11 files changed, 50 insertions, 22 deletions
diff --git a/demos/quickstart/protected/pages/Database/ActiveRecord.page b/demos/quickstart/protected/pages/Database/ActiveRecord.page
index 017b8d45..e3da53c0 100644
--- a/demos/quickstart/protected/pages/Database/ActiveRecord.page
+++ b/demos/quickstart/protected/pages/Database/ActiveRecord.page
@@ -74,7 +74,7 @@ class UserRecord extends TActiveRecord
 	public $username; //the column named "username" in the "users" table
 	public $email;
 	
-	private static $_tablename='users'; //table name 
+	public static $_tablename='users'; //table name 
 	
 	/**
 	 * @return TActiveRecord active record finder instance
@@ -88,7 +88,7 @@ class UserRecord extends TActiveRecord
 </p>
 <p>Each property of the <tt>UserRecord</tt> class must correspond to a
 	column with the same name in the "users" table. The static class variable
-	<tt>$_tablename</tt> is optional when the class name is the same as
+	<tt>$_tablename</tt> (must be public) is optional when the class name is the same as
 	the table name in the database, otherwise <tt>$_tablename</tt> must
 	specify the table name that corresponds to your Active Record class.
 </p>
diff --git a/framework/Data/ActiveRecord/Vendor/TDbMetaData.php b/framework/Data/ActiveRecord/Vendor/TDbMetaData.php
index 4bbc62ee..efb7c467 100644
--- a/framework/Data/ActiveRecord/Vendor/TDbMetaData.php
+++ b/framework/Data/ActiveRecord/Vendor/TDbMetaData.php
@@ -21,6 +21,7 @@
  * @package System.Data.ActiveRecord.Vendor
  * @since 3.1
  */
+
 abstract class TDbMetaData extends TComponent
 {
 	private $_primaryKeys=array();
diff --git a/framework/Data/ActiveRecord/Vendor/TDbMetaDataCommon.php b/framework/Data/ActiveRecord/Vendor/TDbMetaDataCommon.php
index 44b33ab1..74c97689 100644
--- a/framework/Data/ActiveRecord/Vendor/TDbMetaDataCommon.php
+++ b/framework/Data/ActiveRecord/Vendor/TDbMetaDataCommon.php
@@ -49,7 +49,7 @@ abstract class TDbMetaDataCommon extends TDbMetaData
 	public function getFindByCriteriaCommand($conn, $criteria=null)
 	{
 		$columns = $this->getSelectionColumns();
-		$conditions = $criteria!==null?$this->getSqlFromCriteria($criteria) : '';
+		$conditions = $criteria!==null?$this->getSqlFromCriteria($conn,$criteria) : '';
 		$table = $this->getTableName();
 		$sql = "SELECT {$columns} FROM {$table} {$conditions}";
 		return $this->createCriteriaBindedCommand($conn,$sql, $criteria);
@@ -64,13 +64,13 @@ abstract class TDbMetaDataCommon extends TDbMetaData
 	public function getCountRecordsCommand($conn, $criteria)
 	{
 		$columns = $this->getSelectionColumns();
-		$conditions = $this->getSqlFromCriteria($criteria);
+		$conditions = $this->getSqlFromCriteria($conn,$criteria);
 		$table = $this->getTableName();
 		$sql = "SELECT count(*) FROM {$table} {$conditions}";
 		return $this->createCriteriaBindedCommand($conn,$sql, $criteria);
 	}
 
-	abstract protected function getSqlFromCriteria(TActiveRecordCriteria $criteria);
+	abstract protected function getSqlFromCriteria($conn,TActiveRecordCriteria $criteria);
 
 	/**
 	 * Sql command with parameters binded.
diff --git a/framework/Data/ActiveRecord/Vendor/TMysqlMetaData.php b/framework/Data/ActiveRecord/Vendor/TMysqlMetaData.php
index 1289afa5..0ac3798d 100644
--- a/framework/Data/ActiveRecord/Vendor/TMysqlMetaData.php
+++ b/framework/Data/ActiveRecord/Vendor/TMysqlMetaData.php
@@ -24,27 +24,36 @@ class TMysqlMetaData extends TDbMetaDataCommon
 {
 	/**
 	 * Build the SQL search string from the criteria object for Postgress database.
+	 * @param TDbConnection database connection.
 	 * @param TActiveRecordCriteria search criteria.
 	 * @return string SQL search.
 	 */
-	protected function getSqlFromCriteria(TActiveRecordCriteria $criteria)
+	protected function getSqlFromCriteria($conn, TActiveRecordCriteria $criteria)
 	{
 		$sql = '';
 		if(($condition = $criteria->getCondition())!==null)
 			$sql .= $condition;
 		$orders=array();
 		foreach($criteria->getOrdersBy() as $by=>$ordering)
-			$orders[] = $by.' '.$ordering;
+			$orders[] = $conn->quoteString($by).' '.$this->getOrdering($ordering);
 		if(count($orders) > 0)
 			$sql .= ' ORDER BY '.implode(', ', $orders);
 		if(($limit = $criteria->getLimit())!==null)
 		{
 			$offset = $criteria->getOffset();
-			$offset = $offset===null?0:$offset;
-			$sql .= ' LIMIT '.$offset.', '.$limit;
+			$offset = $offset===null?0:intval($offset); //assumes integer offset
+			$sql .= ' LIMIT '.$offset.', '.intval($limit); //assumes integer limit
 		}
 		return strlen($sql) > 0 ? ' WHERE '.$sql : '';
 	}
+
+	private function getOrdering($direction)
+	{
+		if(strtolower($direction)=='desc')
+			return 'DESC';
+		else
+			return 'ASC';
+	}
 }
 
 ?>
 \ No newline at end of file
diff --git a/framework/Data/ActiveRecord/Vendor/TPgsqlMetaData.php b/framework/Data/ActiveRecord/Vendor/TPgsqlMetaData.php
index 5fc0fcaf..35452849 100644
--- a/framework/Data/ActiveRecord/Vendor/TPgsqlMetaData.php
+++ b/framework/Data/ActiveRecord/Vendor/TPgsqlMetaData.php
@@ -26,24 +26,33 @@ class TPgsqlMetaData extends TDbMetaDataCommon
 {
 	/**
 	 * Build the SQL search string from the criteria object for Postgress database.
+	 * @param TDbConnection database connection.
 	 * @param TActiveRecordCriteria search criteria.
 	 * @return string SQL search.
 	 */
-	protected function getSqlFromCriteria(TActiveRecordCriteria $criteria)
+	protected function getSqlFromCriteria($conn, TActiveRecordCriteria $criteria)
 	{
 		$sql = '';
 		if(($condition = $criteria->getCondition())!==null)
 			$sql .= $condition;
 		$orders=array();
 		foreach($criteria->getOrdersBy() as $by=>$ordering)
-			$orders[] = $by.' '.$ordering;
+			$orders[] = $conn->quoteString($by).' '.$this->getOrdering($ordering);
 		if(count($orders) > 0)
 			$sql .= ' ORDER BY '.implode(', ', $orders);
 		if(($limit = $criteria->getLimit())!==null)
-			$sql .= ' LIMIT '.$limit;
+			$sql .= ' LIMIT '.intval($limit); //assumes integer limit?
 		if(($offset = $criteria->getOffset())!==null)
-			$sql .= ' OFFSET '.$offset;
+			$sql .= ' OFFSET '.intval($offset); //assumes integer offset?
 		return strlen($sql) > 0 ? ' WHERE '.$sql : '';
 	}
+
+	private function getOrdering($direction)
+	{
+		if(strtolower($direction) == 'desc')
+			return 'DESC';
+		else
+			return 'ASC';
+	}
 }
 ?>
 \ No newline at end of file
diff --git a/framework/Data/ActiveRecord/Vendor/TSqliteMetaData.php b/framework/Data/ActiveRecord/Vendor/TSqliteMetaData.php
index 75c30c93..22d1759b 100644
--- a/framework/Data/ActiveRecord/Vendor/TSqliteMetaData.php
+++ b/framework/Data/ActiveRecord/Vendor/TSqliteMetaData.php
@@ -24,28 +24,37 @@ class TSqliteMetaData extends TDbMetaDataCommon
 {
 	/**
 	 * Build the SQL search string from the criteria object for Postgress database.
+	 * @param TDbConnection database connection.
 	 * @param TActiveRecordCriteria search criteria.
 	 * @return string SQL search.
 	 */
-	protected function getSqlFromCriteria(TActiveRecordCriteria $criteria)
+	protected function getSqlFromCriteria($conn, TActiveRecordCriteria $criteria)
 	{
 		$sql = '';
 		if(($condition = $criteria->getCondition())!==null)
 			$sql .= $condition;
 		$orders=array();
 		foreach($criteria->getOrdersBy() as $by=>$ordering)
-			$orders[] = $by.' '.$ordering;
+			$orders[] = $conn->quoteString($by).' '.$this->getOrdering($ordering);
 		if(count($orders) > 0)
 			$sql .= ' ORDER BY '.implode(', ', $orders);
 		if(($limit = $criteria->getLimit())!==null)
 		{
 			$offset = $criteria->getOffset();
-			$offset = $offset===null?0:$offset;
-			$sql .= ' LIMIT '.$offset.', '.$limit;
+			$offset = $offset===null?0:intval($offset); //assume integer offset?
+			$sql .= ' LIMIT '.$offset.', '.intval($limit); //assume integer limit?
 		}
 		return strlen($sql) > 0 ? ' WHERE '.$sql : '';
 	}
 
+	private function getOrdering($direction)
+	{
+		if(strtolower($direction) == 'desc')
+			return 'DESC';
+		else
+			return 'ASC';
+	}
+
 	/**
 	 * Remove quote from the keys in the data.
 	 * @param mixed record row
diff --git a/tests/simple_unit/ActiveRecord/records/DepSections.php b/tests/simple_unit/ActiveRecord/records/DepSections.php
index 9563dda6..476371bd 100644
--- a/tests/simple_unit/ActiveRecord/records/DepSections.php
+++ b/tests/simple_unit/ActiveRecord/records/DepSections.php
@@ -6,7 +6,7 @@ class DepSections extends TActiveRecord
 	public $section_id;
 	public $order;
 
-	private static $_tablename='department_sections';
+	public static $_tablename='department_sections';
 
 	public static function finder()
 	{
diff --git a/tests/simple_unit/ActiveRecord/records/DepartmentRecord.php b/tests/simple_unit/ActiveRecord/records/DepartmentRecord.php
index 62e5c3e4..64ab39d0 100644
--- a/tests/simple_unit/ActiveRecord/records/DepartmentRecord.php
+++ b/tests/simple_unit/ActiveRecord/records/DepartmentRecord.php
@@ -8,7 +8,7 @@ class DepartmentRecord extends TActiveRecord
 	public $active;
 	public $order;
 
-	private static $_tablename = 'departments';
+	public static $_tablename = 'departments';
 
 	public static function finder()
 	{
diff --git a/tests/simple_unit/ActiveRecord/records/SimpleUser.php b/tests/simple_unit/ActiveRecord/records/SimpleUser.php
index a6eb2f81..a256ffaf 100644
--- a/tests/simple_unit/ActiveRecord/records/SimpleUser.php
+++ b/tests/simple_unit/ActiveRecord/records/SimpleUser.php
@@ -4,7 +4,7 @@ class SimpleUser extends TActiveRecord
 {
 	public $username;
 
-	private static $_tablename='simple_users';
+	public static $_tablename='simple_users';
 
 	public static function finder()
 	{
diff --git a/tests/simple_unit/ActiveRecord/records/SqliteUsers.php b/tests/simple_unit/ActiveRecord/records/SqliteUsers.php
index 7a8f3cbb..6a6b9be9 100644
--- a/tests/simple_unit/ActiveRecord/records/SqliteUsers.php
+++ b/tests/simple_unit/ActiveRecord/records/SqliteUsers.php
@@ -6,7 +6,7 @@ class SqliteUsers extends TActiveRecord
 	public $password;
 	public $email;
 
-	private static $_tablename='users';
+	public static $_tablename='users';
 
 	public static function finder()
 	{
diff --git a/tests/simple_unit/ActiveRecord/records/UserRecord.php b/tests/simple_unit/ActiveRecord/records/UserRecord.php
index 45b74d3a..02534d6f 100644
--- a/tests/simple_unit/ActiveRecord/records/UserRecord.php
+++ b/tests/simple_unit/ActiveRecord/records/UserRecord.php
@@ -18,7 +18,7 @@ class UserRecord extends TActiveRecord
 
 	private $_level=-1;
 
-	protected static $_tablename='users';
+	public static $_tablename='users';
 
 	public function getLevel()
 	{
author	wei <>	2007-01-03 11:31:18 +0000
committer	wei <>	2007-01-03 11:31:18 +0000
commit	7ea61ba9701a04bc593d7c5960c5135ce39805a8 (patch)
tree	55cc29fdd679440bfb7a86d12aecca684dc6dbb0
parent	46484d91f49721a10b76e2c25071ad594f0b32d4 (diff)